Stefan Eissing wrote:
> Basic just fails to specify how a username is converted to octets,
> right?
Ditto passwords and Digest. RFC 2617 inherits the 2616 *TEXT, and
that is to be interpreted as Latin-1 octets when it's not RFC 2047
encoded. And you don't 2047-encode user names and passwords used
as input for Basic / Digest / ... My crystal ball says.
To "fix" this we'd need SASLPREP UTF-8 as in the 2831bis drafts,
or at least UTF-8 as in 2831, that's one or two additional Digest
parameters. Won't work directly for Basic - unless we jump from
2616 HTTP/1.1 Latin-1 to a 2616ter HTTP/1.2 UTF-8. That is no
goal for 2616bis in this round.
Frank